Setting up your DNS

If you are not currently running a DNS, you will need to get one up and running in order to implement the Spam Trap, Having one will also speed up most of your lookups associated with web browsing, mail processing, or other Internet activities. Linux systems come with BIND9, which is the reference implementation of the DNS. There is an excellent version of BIND9 available for Windows, called TreeWalk DNS, available from http://www.ntcanuck.com. It is easy to install and has a good configuration wizard.

Initial setup of your DNS is beyond the scope of this document. Once you have it running simply as a cache of other DNS data, you are ready to add the few items needed to create a local blacklist.

Configuring your Zone

Once you choose a name for your blacklist, for example dnsrbl.mydomain.com, you will need to add the definition to the configuration file for your DNS. As it was installed, the conf file for my version of BIND9 ended with include "filter.conf" which caused that file to become an extension of the DNS configuration. It contained only comments, originally, so it was easy to replace with the following:

// Zone definition for my blacklist
zone "dnsrbl.mydomain.com" IN {
                          type master;
                          file "dnsrbl.txt";
                          allow-update {192.168.2.2/32; };
}; 

Note: Those are all curly braces, not parentheses!

This defines your zone. says that the contents of it are defined in a zone file named dnsrbl.txt, and that it can be updated by the computer whose address is 192.168.2.2, and only that computer. Replace that IP with the address within the LAN where the Spam Trap will be running.

Your Zone File

So now you need to also provide dnsrbl.txt to define the contents of your zone:

$ORIGIN .
$TTL 86400 ; 1 day
dnsrbl.mydomain.com   IN SOA dnsrbl.mydomain.com. postmaster.mydomain.com. (
                             2006112671 ; serial
                             3600 ; refresh (1 hour)
                             900 ; retry (15 minutes)
                             86400 ; expire (1 day)
                             3600 ; minimum (1 hour)
                             )
                      NS     dnsrbl.mydomain.com.
                      A      0.0.0.0 (replace with your IP address)
$ORIGIN dnsrbl.mydomain.com.
2.0.0.127             A     127.0.0.2
localhost             A     127.0.0.1

This defines the initial records in your zone. The Spam Trap will add many more, Here are what the entries mean:

As entries are added to the DNS by the Spam Trap, they will initially be written to a journal file, but BIND9 will eventually rewrite your zone file.

Restart the DNS

When these changes have been made, you will have to restart your DNS. Any errors will prevent it from coming back up, so you may want to learn how to read the log file. On Windows a tool called "Debug Viewer (Dbgview.exe) is available from Microsoft.